Sonicwall UDP port forward

Greeting,

I have a Sonicwall NSA240 in my network.

I need to open UDP port 21068 and to nat it to this IP address : 172.16.117.5.

I have successfully created my firewall/nat rules with the built-in firewall wizard. (Which I already used to create other firewall / nat rules that currently works.)

The packets doesn't pass my firewall ..

I installed nmap to see if the UDP port are opened on my server and my firewall.

This is my command : nmap -p 21068 -sU -P0 SERVER

I try this command from my local network and this is what I've got

nmap -p 21068 -sU -P0 172.16.117.5

Nmap scan report for 172.16.117.5
Host is up (0.00s latency).
PORT      STATE         SERVICE
21068/udp open|filtered unknown
MAC Address: 00:02:D9:09:01:94 (Reliable Controls)
Nmap done: 1 IP address (1 host up) scanned in 0.59 seconds

I know that this port is open on the server.

I try the same command on my sonicwall

nmap -p 21068 -sU -P0 172.16.117.2

Nmap scan report for 172.16.117.2
Host is up (0.00s latency).
PORT      STATE         SERVICE
21068/udp open|filtered unknown
MAC Address: 00:17:C5:2C:5F:01 (SonicWALL)
Nmap done: 1 IP address (1 host up) scanned in 0.61 seconds

It's supposed to be opened on my sonicwall as well...

I decided to try any other UDP scan port on the server to see if the nmap output was right. When the port isn't open it give me something like this :

PORT STATE SERVICE
34        Closed  unknown

I try the same thing on my Sonicwall but it always told me that the requested UDP port is open ?

I also try the nmap scan from the outside of my network.. it gives me the same output (all udp port seems to be open)

Does all my UDP ports are open in my sonicwall ?

Also, do you have any idea why I can't access my server on the port I opened ?
tblincAsked:
Who is Participating?
 
tblincConnect With a Mentor Author Commented:
I finally find what was my error.

I have a Client and server Antivirus software provided by my sonicwall. The computer in question doesn't have the antivirus installed. So all the traffic was reaching this computer but the computer itselft cannot send anything on the network.

I removed it from the scope and it finally works successfully.

Thank you for your help.
0
 
digitapCommented:
I'd check the log with a connection attempt going to see what it hits.  On the NSA 240, you can setup a packet capture to see if it's getting through.  You might also consider disabling any of the security services for a testing period.  Additionally, check the LAN > WAN and WAN > LAN rules to confirm they're accurate.
0
 
digitapCommented:
also, please post the logs back here so we can have a look at them.
0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 
tblincAuthor Commented:
I set up a VPN connexion instead. My VPN connection is able to built successfully but I can only ping my dns server and my sonicwall.

I can't ping anything else on my network.

I try to add a firewall rule

VPN -> LAN allow any  but it doesn't work
0
 
digitapCommented:
what does the lan to vpn rule look like?
0
 
tblincAuthor Commented:
Priority      Source                                           Destination                   Service  Action       Users  
1              WAN RemoteAccess Networks  Vpn DHCP Clients   Any          Allow       All                           
0
 
tblincAuthor Commented:
I saw this when I try to ping something in my network


log.jpg
0
 
digitapCommented:
Thanks for your patience.

You need to look at the LAN > VPN and VPN > LAN settings.  I don't get the feeling that we're getting there yet.  The best way is to go to Firewall > Access Rules.  Click the radio button called "Drop-down Boxes" and select the From Zone and To Zone.

Regarding the screen shot, IPS is only alerting of the ping.  Since you are not blocking Low alerts, it's only notifying not dropping.
0
 
digitapCommented:
So, the sonicwall was blocking it because it didn't have the AV client installed, right?
0
 
tblincAuthor Commented:
right
0
 
digitapCommented:
didn't think of that.  guess i didn't realize you were using the client AV as well as the gateway AV on the sonicwall.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.